Keith, Kenneth: I have been busy both cutting a GDB release (which isn't done yet) and dealing with immediate management needs at my company. But your concerns are also of grave concern to me, so I'll take the time to answer you fully. I am uninterested in censorship of discussion of *any* topic on mailing lists through my machine. Your opinion is that this is inappropriate use of the Internet. I own the machine free and clear. I personally pay its network bills. If you examine its net connectivity and the associated connection contracts, you will find that the machine is attached via a worldwide network that explicitly promises not to censor any traffic UNLESS AND UNTIL a court of law -- not you -- has decided that that traffic is actually illegal. And my machine sends email traffic for any host (other than a short list known to be on uncensored networks) to uunet, which is explicitly authorized by NSF to forward uncontrolled outside traffic (e.g. from uucp sites) into the NSFnet. You see, I anticipated that third parties would want to control what I and my friends might want to talk about using this wonderful networking technolgy. And we aren't interested in your opinion. No offense intended, Keith -- I think you have done some truly great work for the community. But when you imply that conversations though my machine are in any way illegal or inappropriate, you've overstepped my respect for you.

This person appears to be a virus author, one who knows virus authors, and/or one who encourages such activity.

Thank you, Senator McCarthy. I believe that thug@phantom.com is not a smart-card-carrying member of the virus authors' guild, but I'm not sure. I think that the attitude that it's OK for "computer scientists" or "virus researchers" to talk about viruses, to dissect them in detail, and to write or modify them, but it isn't OK for anyone else to do so, is two-faced and objectionable. Security by obscurity -- forcing people to be unaware of issues and threats like these, whether by explicit censorship, pressure on intermediate sites, or by social ostracism -- not only doesn't remove the threat, but is an affront to our open society. If you think that the public should be protected from the *content* of the particular message that was forwarded to me, I recommend that you look at recent issues of Info Security News (formerly ISPNews), one of the better trade rags covering security products. They seem to be running an article series by Alan Solomon on exactly how stealth viruses work, and they provided a lot more details than the overview posting that came through toad.com. I've seen articles in the Sep/Oct and Nov/Dec 1992 issues so far. Just as important to the cypherpunks posting was the author's exploration of the impacts on society resulting from the technology (the movement toward memory-protected and permission-controlled operating systems, the impacts of automating virus creation so that children can do it, etc). The Solomon articles focused completely on technical issues, leaving the reader in the dark about how to cope over the next few years. My own opinion is that viruses are what will finally put a stake through the heart of DOS. It's a dirty job, but somebody has to do it. If true, or even 10% likely, it's something that a hundred million people had better talk about, so they can prepare for it. John Gilmore gnu@toad.com